🚨 CISA KEV 1
🐛 COMMON VULNERABILITIES AND EXPOSURES 10
26 SepEPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential impact of a vulnerability, they don’t factor in real-world threat data, such as the like…THEHACKERNEWS.COM
26 SepCritical SQL Injection Vulnerability Discovered in ‘The Events Calendar’ WordPress PluginA critical SQL injection vulnerability has been discovered in The Events Calendar WordPress plugin (CVE-2024-8275), affecting all versions up to 6.6.4. The vulnerability has a CVSS score of 9.8, indicating a high level of severity.SECURITYONLINE.INFO
26 SepTeamViewer Urges Users to Patch Privilege Escalation FlawsTeamViewer has identified critical vulnerabilities (CVE-2024-7479 and CVE-2024-7481) in its Remote Client and Remote Host products for Windows, putting users at risk with a CVSS score of 8.8.SECURITYONLINE.INFO
26 SepUpdate: GitLab Backports Fix for CVE-2024-45409 to Older VersionsGitLab has released a security update to fix a critical vulnerability (CVE-2024-45409) in its Community Edition and Enterprise Edition platforms, affecting all self-managed installationsSECURITYONLINE.INFO
26 SepCritical Vulnerability in pgAdmin Puts User Data at RiskThis flaw, identified as CVE-2024-9014 and carrying a CVSS score of 9.9, could enable attackers to potentially compromise user data through the OAuth2 authentication mechanism.SECURITYONLINE.INFO
26 SepCritical Vulnerabilities Found in Proroute H685t-w 4G RouterTwo critical vulnerabilities have been discovered in Proroute H685t-w 4G routers: a command injection flaw (CVE-2024-45682) allowing complete system takeover and a cross-site scripting vulnerability (CVE-2024-38380) enabling account hijacking.SECURITYONLINE.INFO
26 SepChromium: CVE-2024-9123 Integer overflow in SkiaThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
26 SepChromium: CVE-2024-9122 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
26 SepChromium: CVE-2024-9121 Inappropriate implementation in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
26 SepChromium: CVE-2024-9120 Use after free in DawnThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 39
26 SepZero trust, not no trust: A practical guide to implementing ZTNAZero-trust network access (ZTNA) is a security model that follows the principle of “never trust, always verify.” Instead of relying on traditional network perimeter security, ZTNA mandates that all access requests, regardless of origin, are strictly validated before granting pe…CSOONLINE.COM
26 SepFlax Typhoon’s Botnet Actively Exploiting 66 Vulnerabilities In Various DevicesThe Five Eyes agencies recently released a joint cybersecurity advisory detailing a new botnet, Flax Typhoon, linked to Chinese state-sponsored actors. The advisory highlights the actors’ use of compromised routers and IoT devices to establish a vast botnet capable of vario…GBHACKERS.COM
26 SepBeware the risks of vulnerable VPNs: update, maintain, monitor, and protectWe live in a world that is always on and always vulnerable. We need remote access to allow employees to work from anywhere, but that also means that our networks are exposed to everywhere. If you still provide virtual private network (VPN) technology to your employees and do not …CSOONLINE.COM
26 SepCritical Arc Browser Vulnerability Let Attackers Execute Remote CodeArc’s Boosts feature lets users customize websites with CSS and JavaScript. While JavaScript Boosts are not shareable to protect security, they are synced across devices for personal use. Misconfigured Firebase ACLs enabled unauthorized users to modify the creatorID of Boos…GBHACKERS.COM
26 SepOpen Source C2 Frameworks Used In Red Teaming Assessments Vulnerable To RCE AttacksC2 frameworks, crucial for post-exploitation operations, offer open-source alternatives to Cobalt Strike. They streamline the management of compromised systems, enable efficient collaboration, and evade detection by providing customizable behaviors. It is a toolset attackers use …GBHACKERS.COM
26 SepMicrosoft Warns Of Vanilla Tempest Hackers Attacking Healthcare SectorMicrosoft has identified a new attack vector employed by the financially motivated threat actor Vanilla Tempest. This actor has been observed leveraging the INC ransomware to target healthcare organizations within the United States. Specifically, Vanilla Tempest is exploiting vul…GBHACKERS.COM
26 SepAttackers impersonate freight companies in double brokering scamsScammers are increasingly impersonating transportation companies to bid on shipments and then contract the job at a lower price to potentially less reliable carriers. This type of scam, known as double brokering, can nullify insurance coverage for shipments made by companies that…CSOONLINE.COM
26 SepTeamTNT Hackers Attacking VPS Servers Running CentOSTeamTNT is targeting CentOS VPS clouds with SSH brute force attacks. It has uploaded a malicious script that disables security, deletes logs, and modifies system files to kill existing miners, remove Docker containers, and redirect DNS to Google servers. The script stealthily ins…GBHACKERS.COM
26 SepResearchers Backdoored Azure Automation Account Packages And Runtime EnvironmentsRuntime environments offer a flexible way to customize Automation Account Runbooks with specific packages. While base system-generated environments can’t be directly modified, they can be indirectly changed by adding packages to the old experience and then switching to the …GBHACKERS.COM
26 SepNew Mallox Ransomware Linux Variant Attacking Enterprise Linux ServersKryptina RaaS, a free and open-source RaaS platform for Linux, initially struggled to attract attention. Still, after a Mallox affiliate’s staging server was leaked in May 2024, Kryptina’s modified version, branded Mallox v1.0, gained prominence. The research examines…GBHACKERS.COM
26 SepGoogle Warns Of North Korean IT Workers Have Infiltrated The U.S. WorkforceNorth Korean IT workers, disguised as non-North Koreans, infiltrate various industries to generate revenue for their regime, evading sanctions and funding WMD programs by exploiting privileged access to enable cyber intrusions. Facilitators, often non-North Koreans, assist these …GBHACKERS.COM
26 SepRansomHub Ransomware Using Multiple Techniques To Disable EDR And AntivirusThe RansomHub ransomware group tracked as Water Bakunawa, employs targeted spear-phishing to exploit the Zerologon vulnerability, allowing them to gain unauthorized access to networks, affecting various industries and critical infrastructure sectors, demanding ransom payments for…GBHACKERS.COM
26 SepCloud Security Podcast by Google » EP191 Why Aren't More Defenders Winning? Defender’s Advantage and How to Gain it!submitted by ashar to security_cpe Podcast Why Aren’t More Defenders Winning? Defender’s Advantage and How to Gain it! Guest: Dan Nutting, Manager - Cyber Defense, Google Cl…INFOSEC.PUB
26 SepFortifying the Weakest Link: How to Safeguard Against Supply Chain CyberattacksAs organizations have fortified their defenses against direct network attacks, hackers have shifted their focus to exploiting vulnerabilities in the supply chain to gain backdoor access to systems. The post Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cybera…SECURITYWEEK.COM
26 SepWatering Hole Attack on Kurdish Sites Distributing Malicious APKs and SpywareAs many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, descr…THEHACKERNEWS.COM
26 SepChinese hackers allegedly hacked US ISPs for cyber espionageChinese state-sponsored hackers have been found to have gained access to multiple US internet service providers (ISPs) to establish persistence and carry out cyber espionage activities. The Chinese APT group, Salt Typhoon, infiltrated these services in recent months in “pursuit o…CSOONLINE.COM
26 SepAutomattic blocks WP Engine’s access to WordPress resourcesWordPress.org has banned WP Engine from accessing its resources and stopped delivering plugin updates to websites hosted on the platform, urging impacted users to choose other hosting providers. [...]BLEEPINGCOMPUTER.COM
26 SepCISA Releases Five Industrial Control Systems AdvisoriesCISA released five Industrial Control Systems (ICS) advisories on September 26, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-270-01 Advantech ADAM-5550 ICSA-24-270-02 Advantech ADAM-5630 I…CISA.GOV
26 SepSAP SE revamps application security scanning using simulation and automationSAP’s award-winning FioriDAST project mimics user and attacker behavior to safeguard its web applications. While hackers target companies of all sizes, a tech giant like SAP may have a bigger bull’s eye on its back because of the sensitive data it manages and the critical role it…CSOONLINE.COM
26 SepRemote Code Execution, DoS Vulnerabilities Patched in OpenPLCCritical and high-severity vulnerabilities that can be exploited for DoS attacks and remote code execution have been patched in OpenPLC.SECURITYWEEK.COM
26 SepHere are the top 3 causes of breaches – and how to mitigate themThe stakes are higher than ever for organizations worldwide regarding cybersecurity incidents, as the fallout of such incidents is becoming more costly and complex. According to the Fortinet 2024 Cybersecurity Skills Gap Report, the overwhelming majority (87%) of those surveyed …CSOONLINE.COM
26 SepHackers Could Have Remotely Controlled Kia Cars Using Only License PlatesCybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. "These attacks could be executed remotely on any hardware-equi…THEHACKERNEWS.COM
26 SepCisco Releases Security Updates for IOS and IOS XE SoftwareCisco released its September 2024 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication to address vulnerabilities in IOS and IOS XE. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encou…CISA.GOV
26 SepKaspersky defends force-replacing its security software without users’ explicit consentThat lack of user interaction — or request for consent — is what confused and concerned some former Kaspersky customers. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
26 SepZero-Day Vulnerabilities in Automatic Tank Gauge SystemsHackers Could Cause Tanks to Overfill and Disable Leak Detection Industrial control systems made by different manufacturers for monitoring fuel storage tanks including those used in everyday gas stations contain critical zero-days that could convert them into targets for cyberatt…DATABREACHTODAY.CO.UK
26 SepCryptohack Roundup: BingX, Truflation ExploitsAlso: Reimbursements in Banana Gun Hack; Germany Shutters 47 Exchanges This week, BingX, Truflation, OpenAI X account hacked; Germany shut 47 exchanges; Caroline Ellison sentenced; two got crypto theft charges; one got crypto scam fine; Banana Gun will refund victims; WazirX, Lim…DATABREACHTODAY.CO.UK
26 SepAI in Cyber & Addressing Analyst Burnout - Kayla Williams - PSW #844Kayla Williams, Chief Security Information Officer at Devo, discussed the role of AI in cybersecurity and the ongoing issue of burnout for SOC analysts. Working with Wakefield Research, Devo discovered that 83% of IT professionals feel burnt out due to stress, lack of sleep, and …YOUTUBE.COM
26 SepMemory-Safe Coding Cuts Android System Flaws by 75%Google Says Rust Language Initiative Eliminates Cross-Site Scripting, Other Flaws Google says switching to a memory-safe language such as Rust under its Safe Coding program has helped significantly reduce the number of vulnerabilities in Android systems. The number of vulnerabili…DATABREACHTODAY.CO.UK
26 SepThreat Actors Leverage Docker Swarm and Kubernetes to Mine Cryptocurrency at ScaleThreat actors exploit vulnerabilities in container orchestration technologies, particularly misconfigured Docker API endpoints, to compromise containers and cloud hosts to deploy a crypto miner.SECURITYLABS.DATADOGHQ.COM
26 SepPure Storage Reveals CVSS 10 Vulnerabilities, Putting FlashArray, FlashBlade Systems at RiskThe identified flaws include a local configuration account vulnerability, remote access via privileged accounts, remote account creation, remote command execution, and SNMP configuration exploitation.SECURITYONLINE.INFO
26 Sep KEVCritical Flaw in RAISECOM Gateways Actively Exploited, Exposing Thousands to Remote AttacksModels MSG1200, MSG2100E, MSG2200, and MSG2300 running software version 3.90 are affected. Security researcher Johannes B. Ullrich has identified two payloads used in attacks, targeting vulnerable routers.SECURITYONLINE.INFO
26 SepNew Rust-based Splinter Post-Exploitation Tool Poses Major RiskSplinter, a new post-exploitation tool, has emerged as a threat, with attackers using it to wreak havoc by executing commands, stealing files, and downloading malware onto victims' systems.THEREGISTER.COM
26 SepProxmox Virtual Environment and Mail Gateway Exposed to Critical API VulnerabilityA critical vulnerability has been identified in Proxmox Virtual Environment (VE) and Proxmox Mail Gateway (PMG) that could allow unauthorized access to sensitive files and potentially lead to a full system compromise.SECURITYONLINE.INFO
26 SepCritical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution RiskThe flaw affects ASF version 3.52.0.2574 and earlier, with potential for exploitation in various IoT devices. No fixes are available, except for replacing the vulnerable tinydhcp service.THEHACKERNEWS.COM
26 SepPatch for Critical CUPS vulnerability: Don't Panic, (Thu, Sep 26th)These last two days, a lot has been talked about a "Doomsday 9.9 RCE bug" in Linux [1]. We now have some additional details from Simone Margaritelli, who discovered and reported the vulnerabilities.
ISC.SANS.EDU
26 SepSecurity compliance unicorn Drata lays off 9% of its workforceDrata, a security compliance automation platform that helps companies adhere to frameworks such as SOC 2 and GDPR, has laid off 9% of its workforce, amounting to 40 people. Founded in 2020, Drata integrates with dozens of clouds, SaaS apps, developer tools, securit…TECHCRUNCH.COM
26 SepVisa Acquires AI Leader Featurespace for Payments ProtectionFeaturespace's AI Expertise Will Enhance Visa's Fraud, Risk and Payments Technology Visa has signed a definitive agreement to acquire AI-driven fraud prevention leader Featurespace. This acquisition will reinforce Visa's fraud detection capabilities, integrating advanced machine …DATABREACHTODAY.CO.UK
26 SepCUPS flaws enable Linux remote code execution, but there’s a catchUnder certain conditions, attackers can chain a set of vulnerabilities in multiple components of the CUPS open-source printing system to execute arbitrary code remotely on vulnerable machines. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 10
26 SepNIST proposes barring some of the most nonsensical password rulessubmitted by neme to cybersecurity https://arstechnica.com/security/2024/09/nist-proposes-barring-some-of-the-most-nonsensical-password-rules/SH.ITJUST.WORKS
26 SepCISO Tradecraft podcast #199 - How to Secure Generative AIsubmitted by ashar to security_cpe Podcast Transcript Join G. Mark Hardy in Torremolinos, Spain, for a deep dive into the security of Generative AI. This episode of CISO…INFOSEC.PUB
26 SepIsraeli Group Claims Lebanon Water Hack as CISA Reiterates Warning on Simple ICS AttacksUnsophisticated methods can still be used to hack ICS/OT — even so, many cyberattack claims are likely exaggerated.SECURITYWEEK.COM
26 SepCISA warns hackers targeting industrial systems with “unsophisticated methods” as claims made of Lebanon water hackThe US Cybersecurity and Infrastructure Security Agency (CISA) has warned that hackers continue to be capable of compromising industrial control systems (ICS) and other operational technology (OT) using "unsophisticated methods" - suggesting that much more still needs to be done …TRIPWIRE.COM
26 SepState Lawmakers to Give Banks Tools to Fight Elder FraudWith No Federal Help in Sight, 6 Legislatures Hope to Stop Suspicious Transactions As cyber fraud against senior citizens rises, at least four U.S. states are considering new legislation to fill the gaps in fraud protection normally covered by the federal Consumer Financial Prote…DATABREACHTODAY.CO.UK
26 SepBreach Roundup: How to Spot North Korean IT WorkersAlso: Ransomware Surged in 2023, MoneyGram Back in Service After Cyberattack This week, advice on spotting North Korean staff; ransomware attacks rose; MoneyGram back online; FCC fined political operative; CISA warned of water system attacks; Ukraine restricted Telegram use; Nort…DATABREACHTODAY.CO.UK
26 SepNIST Calls for Major Overhaul in Typical Password PracticesDraft Guidelines Call for Longer, Randomized Passwords Instead of Memorized Phrases The National Institute of Standards and Technology is calling for longer, randomized passwords instead of memorized phrases containing combinations of upper and lowercase letters in new guidance t…DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING 16
26 SepHackers Weaponizing PDF files To Deliver New SnipBot MalwareThe RomCom malware family, particularly its SnipBot variant, has evolved into a sophisticated threat capable of ransomware, extortion, and targeted credential gathering. It employs various attack methods, including PDF-based downloaders and executable payloads, to compromise vict…GBHACKERS.COM
26 SepTWELVE Threat Attacks Windows To Encrypt Then Deleting Victims’ DataThe threat actor, formed in 2023, specializes in ransomware attacks targeting Russian government organizations. It encrypts and deletes victim data, exfiltrates sensitive information, and aims to inflict maximum damage on critical assets. The threat actor likely scans IP address …GBHACKERS.COM
26 SepSophos: Attacks Drop in Nearly All Sectors But HealthcareSurvey Finds 37% of Providers Take Over a Month to Recover From Ransomware Ransomware attacks are declining across many sectors - but not in healthcare, where an ongoing surge is reaching a four-year high in incidents, according to new research from security firm Sophos, which su…DATABREACHTODAY.CO.UK
26 SepPolice Are Probing a Cyberattack on Wi-Fi Networks at UK Train StationsAn investigation has been launched into a Wi-Fi service hack that has impacted many train stations in the United Kingdom.SECURITYWEEK.COM
26 SepRansomware on the rise: Healthcare industry attack trends 2024According to the IBM Cost of a Data Breach Report 2024, the global average cost of a data breach reached $4.88 million this year, a 10% increase over 2023. For the healthcare industry, the report offers both good and bad news. The good news is that average data breach costs fell …SECURITYINTELLIGENCE.COM
26 SepIndia’s Star Health says it’s investigating after hacker posts stolen medical dataThe health insurance giant is investigating an incident that allegedly leaked sensitive customer medical data.TECHCRUNCH.COM
26 SepU.S. Indicts 2 Top Russian Hackers, Sanctions CryptexThe United States today unveiled sanctions and indictments against the alleged proprietor of Joker's Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted a…KREBSONSECURITY.COM
26 SepUS sanctions crypto exchanges used by Russian ransomware gangsThe U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned PM2BTC and Cryptex, two cryptocurrency exchanges that laundered funds from Russian ransomware gangs and other cybercrime groups. [...]BLEEPINGCOMPUTER.COM
26 Sep'Vanilla Tempest' Now Using INC Ransomware in Health SectorMicrosoft: Ransomware-as-a-Service Group Keeps Shifting Malware to Avoid Detection Threat actors tracked as "Vanilla Tempest" - and also known as Vice Society - appear to be changing up the ransomware they use to attack U.S. healthcare organizations. Likely in a move to avoid …DATABREACHTODAY.CO.UK
26 SepKryptina RaaS: From Unsellable Cast-Off to Enterprise RansomwareMallox, known for targeting Windows systems, has expanded its operations to Linux by using a modified version of the Kryptina ransomware, named "Mallox Linux 1.0." The ransomware utilizes the same encryption algorithm as Kryptina.SENTINELONE.COM
26 SepData exfiltration using RAMBO & PIXHELL | Kaspersky official blogMordechai Guri from Ben-Gurion University of the Negev presents two new data exfiltration methods: RAMBO and PIXHELLKASPERSKY.COM
26 SepUnit 42 Incident Response Retainers Enhance Organizational ResilienceExamine two Unit 42 incident response cases that provide valuable insights into how today’s threat landscape evolves and the strategies needed against it. The post Unit 42 Incident Response Retainers Enhance Organizational Resilience appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
26 SepNew RomCom malware variant 'SnipBot' spotted in data theft attacksA new variant of the RomCom malware called SnipBot, has been used in attacks that pivot on the network to steal data from compromised systems. [...]BLEEPINGCOMPUTER.COM
26 SepCybersecurity Compass: Bridging the Communication GapDiscover how to use the Cybersecurity Compass to foster effective conversations about cybersecurity strategy between non-technical and technical audiences, focusing on the phases of before, during, and after a breach.TRENDMICRO.COM
26 SepStorm-0501: Ransomware attacks expanding to hybrid cloud environmentsMicrosoft has observed the threat actor tracked as Storm-0501 launching a multi-staged attack where they compromised hybrid cloud environments and performed lateral movement from on-premises to cloud environment, leading to data exfiltration, credential theft, tampering, persiste…MICROSOFT.COM
🕵️ THREAT INTELLIGENCE 21
26 SepOSINT - Image Analysis or More Where, When, and Metadata [Guest Diary], (Wed, Sep 25th)[This is a Guest Diary by Thomas Spangler, an ISC intern as part of the SANS.edu BACS program]
ISC.SANS.EDU
26 SepISC Stormcast For Thursday, September 26th, 2024 https://isc.sans.edu/podcastdetail/9154, (Thu, Sep 26th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
26 SepChinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage CampaignNation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers (ISPs) as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to a threa…THEHACKERNEWS.COM
26 SepCloudflare Warns of India-Linked Hackers Targeting South and East Asian EntitiesAn advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare is tracking the activity under the name Sl…THEHACKERNEWS.COM
26 SepBeware Of Fake Captcha Attacks That Delivers Lumma Stealer MalwareIn the past four weeks, a significant increase in malware distribution attempts via fake Captcha campaigns has been observed, targeting over 1.4 million users. Lumma Stealer, a hazardous malware designed for data theft, is the primary payload being distributed. Cybercriminals lev…GBHACKERS.COM
26 SepRussian Hackers Registering Domains Targeting US Tech BrandsResearchers are tracking a Russian threat actor deploying domains involved in crypto scams targeting the US Presidential Election and tech brands. The scams offer double crypto returns for deposits and are designed to deceive users into sending coins to attacker-controlled wallet…GBHACKERS.COM
26 SepBeware Of Fake Verify You Are A Human Request That Delivers MalwareResearchers observed two distinct instances where users were inadvertently led to malicious websites after conducting Google searches for video streaming services. These victims were redirected to malicious URLs that employed a deceptive tactic while attempting to access sports o…GBHACKERS.COM
26 SepOcto2 Android Malware Attacking To Steal Banking CredentialsThe original threat actor behind the Octo malware family has released a new variant, Octo2, with enhanced stability for remote action capabilities to facilitate Device Takeover attacks. This new variant targets European countries and employs sophisticated obfuscation techni…GBHACKERS.COM
26 SepAn Analysis of the EU’s Cyber Resilience ActA good—long, complex—analysis of the EU’s new Cyber Resilience Act.SCHNEIER.COM
26 SepUS Transportation and Logistics Firms Targeted With Infostealers, BackdoorsA malicious campaign is targeting transportation and logistics organizations in North America with various malware families.SECURITYWEEK.COM
26 SepN. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted AttacksThreat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy. The activity has been attributed to an adversary tracked as Kimsuky, which is also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (formerly Thallium),…THEHACKERNEWS.COM
26 SepCisco Patches High-Severity Vulnerabilities in IOS SoftwareCisco has released patches for seven high-severity vulnerabilities affecting products running IOS and IOS XE software.SECURITYWEEK.COM
26 SepGoogle Sees Drop in Memory Safety Bugs in Android as Code MaturesMemory safety bugs in Android have decreased significantly as old code matures and new code uses memory-safe languages.SECURITYWEEK.COM
26 SepCryptography DEEPEST LOREsubmitted by ertai to security https://github.com/sporkexec/rubberhose/blob/master/MYTHOLOGY Long live Julian Assange.GITHUB.COM
26 SepOpenAI Exits, Appointments and New Corporate ModelOpenAI Seeks to Become a For-Profit Company Wednesday brought more turmoil in the top ranks of OpenAI after three executives in leadership positions quit the company at a time when the AI giant seeks to convert itself into a for-profit entity. The new structure may affect how the…DATABREACHTODAY.CO.UK
26 SepCritical Nvidia Container Flaw Exposes Cloud AI Systems to Host TakeoverNvidia confirms risk of code execution, denial of service, escalation of privileges, information disclosure, and data tampering. CVSS 9/10.SECURITYWEEK.COM
26 SepUnsophisticated Methods - PSW #844This week in the security news, Dr. Doug and Larry explore various technological advancements and their implications with a healthy dose of nostalgia, particularly focusing on health monitoring through Wi-Fi signals, the misconceptions surrounding 5G connectivity, the importance …YOUTUBE.COM
26 SepProof of Concept: Boosting Security and Taming AI 'Lies'Troy Leach and Avani Desai on Risks of AI Hallucination and Misleading Outputs In the latest "Proof of Concept," Troy Leach of the Cloud Security Alliance and Avani Desai of Schellman discuss the risks of AI hallucinations. As AI models advance, hallucinations pose serious threat…DATABREACHTODAY.CO.UK
26 SepParsec Remote Access installed without user knowingsubmitted by zaph to cybersecurity So I’ve got a few systems where parsec is installed and I can’t uninstall it. Has anyone come across this? The only reason I know it’s installed is by running a script that scans for RATs. I can’t find it anywhere else so …SH.ITJUST.WORKS
26 SepX Releases Its First Transparency Report Since Elon Musk’s TakeoverSocial media platform X published its first transparency report since the company was purchased by Elon Musk.SECURITYWEEK.COM
26 SepCyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023ESET Research has conducted a comprehensive technical analysis of Gamaredon’s toolset used to conduct its cyberespionage activities focused in UkraineWELIVESECURITY.COM
🌐 CYBER THREAT LANDSCAPE 4
26 SepInside SnipBot: The Latest RomCom Malware VariantUnit 42 researchers discovered a new variant of the RomCom malware family called "SnipBot," designed to target enterprise networks. It can infiltrate networks, execute remote commands, and download additional malicious software.UNIT42.PALOALTONETWORKS.COM
26 SepRecordStealer: A Case Study in the Persistent Threat of Info-Stealing MalwareRecordStealer, also known as RecordBreaker and Raccoon Stealer V2, is a persistent threat that steals sensitive information like credit card data, passwords, and cryptocurrency wallets.SECURITYONLINE.INFO
26 SepCracked Software or Cyber Trap? The Rising Danger of AsyncRAT MalwareMcAfee Labs warned of the spread of AsyncRAT through popular software cracks. Cybercriminals are disguising this malware as cracked versions of well-known software, tricking users into unknowingly installing a sophisticated remote access trojan.MCAFEE.COM
26 SepInaugural World Tour 2024 Survey FindingsTrend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what CISOs had to say.TRENDMICRO.COM
🎙️ PODCASTS 2
26 SepSmashing Security podcast #386: The $230 million crypto handbag heist, and misinformation on social mediaTwo men are accused of stealing almost a quarter of a billion dollars from one person's cryptocurrency wallet, but why on earth would they be handing out handbags to strangers? And social media comes under the spotlight once more, as we ask if you are delving into misinformation …GRAHAMCLULEY.COM
26 SepTransatlantic Cable podcast episode 364 | Kaspersky official blogEpisode 364 has Tamagotchi’s, is TOR broken and crazy robot shenanigans!KASPERSKY.COM
📡 INFOSEC NEWS 13
26 SepSophos named a Leader in the 2024 IDC MarketScape for European MDR ServicesThe IDC MarketScape evaluates the capabilities and business strategies of managed detection and response service providers serving the European market.SOPHOS.COM
26 SepHPE Aruba Networking fixes critical flaws impacting Access PointsHPE Aruba Networking has fixed three critical vulnerabilities in the Command Line Interface (CLI) service of its Aruba Access Points. [...]BLEEPINGCOMPUTER.COM
26 SepThe Tor Project merges with Tails, a Linux-based portable OS focused on privacyThe Tor Project is merging operations with Tails, a portable Linux-based operating system focused on preserving user privacy and anonymity.TECHCRUNCH.COM
26 SepOverloaded with SIEM Alerts? Discover Effective Strategies in This Expert-Led WebinarImagine trying to find a needle in a haystack, but the haystack is on fire, and there are a million other needles you also need to find. That's what dealing with security alerts can feel like. SIEM was supposed to make this easier, but somewhere along the way, it became part of t…THEHACKERNEWS.COM
26 SepFake WalletConnect app on Google Play steals Android users’ cryptoA crypto draining app mimicking the legitimate 'WalletConnect' project has been distributed over Google Play for five months getting more than 10,000 downloads. [...]BLEEPINGCOMPUTER.COM
26 SepWhen UK rail stations’ Wi-Fi was defaced by hackers the only casualty was the truthIf you believed some of the news headlines in the UK on Thursday, you would think that something much more serious had happened. People are understandably worried when they read headlines about terror attacks and railway stations - but the facts of the matter are rather less disa…BITDEFENDER.COM
26 SepHacker Plants False Memories In ChatGPT To Steal User Data In PerpetuityPACKETSTORMSECURITY.COM
26 SepTails OS merges with Tor Project for better privacy, securityThe Tor Project and Tails OS are merging operations to better collaborate for a free internet by protecting users from surveillance and censorship. [...]BLEEPINGCOMPUTER.COM
26 SepKia dealer portal flaw could let attackers hack millions of carsA group of security researchers discovered critical flaws in Kia's dealer portal that could let hackers locate and steal millions of Kia cars made after 2013 using just the targeted vehicle's license plate. [...]BLEEPINGCOMPUTER.COM